4 Commits
0.7.0 ... 0.8.0

Author SHA1 Message Date
Andrew Ayer
160cf642e1 Prepare 0.8.0 release 2025-09-23 20:41:07 -04:00
Andrew Ayer
4dd5c20243 Drop support for OpenSSL 1.0; fix compilation with OpenSSL 3 2025-09-23 20:37:48 -04:00
Andrew Ayer
968c924798 GitHub actions: upgrade download/upload artifacts
Closes: #313
2024-09-03 19:30:58 -04:00
Andrew Ayer
08dbdcfed4 When adding GPG collaborator, include full fingerprint in commit message
Short key IDs are bad (https://evil32.com/)

Closes: #253
2022-06-07 12:34:52 -04:00
14 changed files with 20 additions and 142 deletions


@@ -16,7 +16,7 @@ jobs:
- name: Build binary - name: Build binary
run: make run: make
- name: Upload release artifact - name: Upload release artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: git-crypt-artifacts name: git-crypt-artifacts
path: git-crypt path: git-crypt
@@ -28,7 +28,7 @@ jobs:
contents: write contents: write
steps: steps:
- name: Download release artifact - name: Download release artifact
uses: actions/download-artifact@v3 uses: actions/download-artifact@v4
with: with:
name: git-crypt-artifacts name: git-crypt-artifacts
- name: Upload release asset - name: Upload release asset
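Review bot: The new `uses: actions/upload-artifact@v4` and `uses: actions/download-artifact@v4` lines still reference the actions by a mutable tag, in a workflow whose second job runs with `contents: write` and appears to publish the downloaded binary as a release asset. A tag can later be moved to different code, so this file does not fix what builds and ships the release. Pinning each reference to a full commit SHA with the tag kept as a comment, e.g. `uses: actions/upload-artifact@<full-commit-sha> # v4` (placeholder; take the SHA from the action's own release), makes the release path reproducible and reviewable. The same applies to the two `@v4` lines in the Windows workflow section that follows.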


@@ -26,7 +26,7 @@ jobs:
shell: msys2 {0} shell: msys2 {0}
run: make LDFLAGS="-static-libstdc++ -static -lcrypto -lws2_32" run: make LDFLAGS="-static-libstdc++ -static -lcrypto -lws2_32"
- name: Upload release artifact - name: Upload release artifact
uses: actions/upload-artifact@v3 uses: actions/upload-artifact@v4
with: with:
name: git-crypt-artifacts name: git-crypt-artifacts
path: git-crypt.exe path: git-crypt.exe
@@ -38,7 +38,7 @@ jobs:
contents: write contents: write
steps: steps:
- name: Download release artifact - name: Download release artifact
uses: actions/download-artifact@v3 uses: actions/download-artifact@v4
with: with:
name: git-crypt-artifacts name: git-crypt-artifacts
- name: Upload release asset - name: Upload release asset


@@ -24,7 +24,7 @@ OBJFILES = \
coprocess.o \ coprocess.o \
fhstream.o fhstream.o
OBJFILES += crypto-openssl-10.o crypto-openssl-11.o OBJFILES += crypto-openssl-11.o
LDFLAGS += -lcrypto LDFLAGS += -lcrypto
XSLTPROC ?= xsltproc XSLTPROC ?= xsltproc

4
NEWS

@@ -1,3 +1,7 @@
v0.8.0 (2025-09-23)
* Remove OpenSSL 1.0 support, fix compilation with OpenSSL 3.
* Avoid use of problematic short GPG key IDs.
v0.7.0 (2022-04-21) v0.7.0 (2022-04-21)
* Avoid "argument list too long" errors on macOS. * Avoid "argument list too long" errors on macOS.
* Fix handling of "-" arguments. * Fix handling of "-" arguments.


@@ -1,6 +1,10 @@
News News
==== ====
######v0.8.0 (2025-09-23)
* Remove OpenSSL 1.0 support, fix compilation with OpenSSL 3.
* Avoid use of problematic short GPG key IDs.
######v0.7.0 (2022-04-21) ######v0.7.0 (2022-04-21)
* Avoid "argument list too long" errors on macOS. * Avoid "argument list too long" errors on macOS.
* Fix handling of "-" arguments. * Fix handling of "-" arguments.

2
README

@@ -70,7 +70,7 @@ encryption and decryption happen transparently.
CURRENT STATUS CURRENT STATUS
The latest version of git-crypt is 0.7.0, released on 2022-04-21. The latest version of git-crypt is 0.8.0, released on 2025-09-23.
git-crypt aims to be bug-free and reliable, meaning it shouldn't git-crypt aims to be bug-free and reliable, meaning it shouldn't
crash, malfunction, or expose your confidential data. However, crash, malfunction, or expose your confidential data. However,
it has not yet reached maturity, meaning it is not as documented, it has not yet reached maturity, meaning it is not as documented,


@@ -71,8 +71,8 @@ encryption and decryption happen transparently.
Current Status Current Status
-------------- --------------
The latest version of git-crypt is [0.7.0](NEWS.md), released on The latest version of git-crypt is [0.8.0](NEWS.md), released on
2022-04-21. git-crypt aims to be bug-free and reliable, meaning it 2025-09-23. git-crypt aims to be bug-free and reliable, meaning it
shouldn't crash, malfunction, or expose your confidential data. shouldn't crash, malfunction, or expose your confidential data.
However, it has not yet reached maturity, meaning it is not as However, it has not yet reached maturity, meaning it is not as
documented, featureful, or easy-to-use as it should be. Additionally, documented, featureful, or easy-to-use as it should be. Additionally,


@@ -1297,7 +1297,8 @@ int add_gpg_user (int argc, const char** argv)
std::ostringstream commit_message_builder; std::ostringstream commit_message_builder;
commit_message_builder << "Add " << collab_keys.size() << " git-crypt collaborator" << (collab_keys.size() != 1 ? "s" : "") << "\n\nNew collaborators:\n\n"; commit_message_builder << "Add " << collab_keys.size() << " git-crypt collaborator" << (collab_keys.size() != 1 ? "s" : "") << "\n\nNew collaborators:\n\n";
for (std::vector<std::pair<std::string, bool> >::const_iterator collab(collab_keys.begin()); collab != collab_keys.end(); ++collab) { for (std::vector<std::pair<std::string, bool> >::const_iterator collab(collab_keys.begin()); collab != collab_keys.end(); ++collab) {
commit_message_builder << '\t' << gpg_shorten_fingerprint(collab->first) << ' ' << gpg_get_uid(collab->first) << '\n'; commit_message_builder << " " << collab->first << '\n';
commit_message_builder << " " << gpg_get_uid(collab->first) << '\n';
} }
// git commit -m MESSAGE NEW_FILE ... // git commit -m MESSAGE NEW_FILE ...
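Review bot: The two new `commit_message_builder` lines carry no comment saying why the full `collab->first` is written, so a later cleanup could reintroduce a shortened ID. A line such as `// Record the full fingerprint: short key IDs can be collided, so they do not identify a key` above the first one would keep the reason next to the code. A second comment should note that the `gpg_get_uid(collab->first)` line is informational only, since a UID is chosen by the key's owner and only the fingerprint identifies the key. Nothing in the hunk checks that `collab->first` is a full fingerprint (the removed helper at least tested for length 40), so this presumably relies on how `collab_keys` is filled earlier in `add_gpg_user`, which starts and ends outside the hunk.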


@@ -1,120 +0,0 @@
/*
* Copyright 2012, 2014 Andrew Ayer
*
* This file is part of git-crypt.
*
* git-crypt is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* git-crypt is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with git-crypt. If not, see <http://www.gnu.org/licenses/>.
*
* Additional permission under GNU GPL version 3 section 7:
*
* If you modify the Program, or any covered work, by linking or
* combining it with the OpenSSL project's OpenSSL library (or a
* modified version of that library), containing parts covered by the
* terms of the OpenSSL or SSLeay licenses, the licensors of the Program
* grant you additional permission to convey the resulting work.
* Corresponding Source for a non-source form of such a combination
* shall include the source code for the parts of OpenSSL used as well
* as that of the covered work.
*/
#include <openssl/opensslconf.h>
#if !defined(OPENSSL_API_COMPAT)
#include "crypto.hpp"
#include "key.hpp"
#include "util.hpp"
#include <openssl/aes.h>
#include <openssl/sha.h>
#include <openssl/hmac.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
#include <openssl/err.h>
#include <sstream>
#include <cstring>
void init_crypto ()
{
ERR_load_crypto_strings();
}
struct Aes_ecb_encryptor::Aes_impl {
AES_KEY key;
};
Aes_ecb_encryptor::Aes_ecb_encryptor (const unsigned char* raw_key)
: impl(new Aes_impl)
{
if (AES_set_encrypt_key(raw_key, KEY_LEN * 8, &(impl->key)) != 0) {
throw Crypto_error("Aes_ctr_encryptor::Aes_ctr_encryptor", "AES_set_encrypt_key failed");
}
}
Aes_ecb_encryptor::~Aes_ecb_encryptor ()
{
// Note: Explicit destructor necessary because class contains an unique_ptr
// which contains an incomplete type when the unique_ptr is declared.
explicit_memset(&impl->key, '\0', sizeof(impl->key));
}
void Aes_ecb_encryptor::encrypt(const unsigned char* plain, unsigned char* cipher)
{
AES_encrypt(plain, cipher, &(impl->key));
}
struct Hmac_sha1_state::Hmac_impl {
HMAC_CTX ctx;
};
Hmac_sha1_state::Hmac_sha1_state (const unsigned char* key, size_t key_len)
: impl(new Hmac_impl)
{
HMAC_Init(&(impl->ctx), key, key_len, EVP_sha1());
}
Hmac_sha1_state::~Hmac_sha1_state ()
{
// Note: Explicit destructor necessary because class contains an unique_ptr
// which contains an incomplete type when the unique_ptr is declared.
HMAC_cleanup(&(impl->ctx));
}
void Hmac_sha1_state::add (const unsigned char* buffer, size_t buffer_len)
{
HMAC_Update(&(impl->ctx), buffer, buffer_len);
}
void Hmac_sha1_state::get (unsigned char* digest)
{
unsigned int len;
HMAC_Final(&(impl->ctx), digest, &len);
}
void random_bytes (unsigned char* buffer, size_t len)
{
if (RAND_bytes(buffer, len) != 1) {
std::ostringstream message;
while (unsigned long code = ERR_get_error()) {
char error_string[120];
ERR_error_string_n(code, error_string, sizeof(error_string));
message << "OpenSSL Error: " << error_string << "; ";
}
throw Crypto_error("random_bytes", message.str());
}
}
#endif


@@ -30,8 +30,6 @@
#include <openssl/opensslconf.h> #include <openssl/opensslconf.h>
#if defined(OPENSSL_API_COMPAT)
#include "crypto.hpp" #include "crypto.hpp"
#include "key.hpp" #include "key.hpp"
#include "util.hpp" #include "util.hpp"
@@ -115,5 +113,3 @@ void random_bytes (unsigned char* buffer, size_t len)
throw Crypto_error("random_bytes", message.str()); throw Crypto_error("random_bytes", message.str());
} }
} }
#endif


@@ -31,7 +31,7 @@
#ifndef GIT_CRYPT_GIT_CRYPT_HPP #ifndef GIT_CRYPT_GIT_CRYPT_HPP
#define GIT_CRYPT_GIT_CRYPT_HPP #define GIT_CRYPT_GIT_CRYPT_HPP
#define VERSION "0.7.0" #define VERSION "0.8.0"
extern const char* argv0; // initialized in main() to argv[0] extern const char* argv0; // initialized in main() to argv[0]


@@ -61,12 +61,6 @@ static std::string gpg_nth_column (const std::string& line, unsigned int col)
line.substr(pos); line.substr(pos);
} }
// given a key fingerprint, return the last 8 nibbles
std::string gpg_shorten_fingerprint (const std::string& fingerprint)
{
return fingerprint.size() == 40 ? fingerprint.substr(32) : fingerprint;
}
// given a key fingerprint, return the key's UID (e.g. "John Smith <jsmith@example.com>") // given a key fingerprint, return the key's UID (e.g. "John Smith <jsmith@example.com>")
std::string gpg_get_uid (const std::string& fingerprint) std::string gpg_get_uid (const std::string& fingerprint)
{ {

View File

@@ -41,7 +41,6 @@ struct Gpg_error {
explicit Gpg_error (std::string m) : message(m) { } explicit Gpg_error (std::string m) : message(m) { }
}; };
std::string gpg_shorten_fingerprint (const std::string& fingerprint);
std::string gpg_get_uid (const std::string& fingerprint); std::string gpg_get_uid (const std::string& fingerprint);
std::vector<std::string> gpg_lookup_key (const std::string& query); std::vector<std::string> gpg_lookup_key (const std::string& query);
std::vector<std::string> gpg_list_secret_keys (); std::vector<std::string> gpg_list_secret_keys ();


@@ -8,7 +8,7 @@
<refentryinfo> <refentryinfo>
<title>git-crypt</title> <title>git-crypt</title>
<date>2022-04-21</date> <date>2022-04-21</date>
<productname>git-crypt 0.7.0</productname> <productname>git-crypt 0.8.0</productname>
<author> <author>
<othername>Andrew Ayer</othername> <othername>Andrew Ayer</othername>